Synchronization User Lists

You create Synchronization User Lists (SULs) to define specific users in both
the Directory Server and Windows directories to be synchronized. These definitions
enable synchronization of a flat Directory Information Tree (DIT) to a hierarchical
directory tree.

The following concepts are used to define a Synchronization User List:

Base DN(not applicable to Windows NT). Includes
all users in that DN unless another SUL is more specific or unless excluded
by a filter.

Filter. Uses attributes
in the user’s entry to exclude users from synchronization or to separate
users with the same base DN into multiple SULs. This filter uses LDAP filter syntax.

Creation expression (not
applicable to Windows NT). Constructs the DN where new users are created,
for example, cn=%cn%,ou=sales,dc=example, dc=com, where %cn% is replaced with the value of cn from the
existing user entry. A creation expression must end with the base DN.

An SUL includes two definitions; where each definition identifies the
group of users to be synchronized in the topology terms of the directory type.